DAVID GOATED | drill down AuthSettings

GenerateNU · Feb 3, 2024 · 307dc76 · 307dc76
1 parent 124faac
commit 307dc76
Show file tree

Hide file tree

Showing 7 changed files with 28 additions and 29 deletions.
diff --git a/backend/src/auth/tokens.go b/backend/src/auth/tokens.go
@@ -103,9 +103,9 @@ func ExpireCookie(name string) *fiber.Cookie {
 }
 
 // RefreshAccessToken refreshes the access token
-func RefreshAccessToken(refreshCookie string, role string, accessExpiresAfter uint, accessTokenSecret string) (*string, *errors.Error) {
+func RefreshAccessToken(refreshCookie string, role string, refreshTokenSecret string, accessExpiresAfter uint, accessTokenSecret string) (*string, *errors.Error) {
 	// Parse the refresh token
-	refreshToken, err := ParseRefreshToken(refreshCookie)
+	refreshToken, err := ParseRefreshToken(refreshCookie, refreshTokenSecret)
 	if err != nil {
 		return nil, &errors.FailedToParseRefreshToken
 	}
@@ -126,26 +126,22 @@ func RefreshAccessToken(refreshCookie string, role string, accessExpiresAfter ui
 }
 
 // ParseAccessToken parses the access token
-func ParseAccessToken(cookie string) (*jwt.Token, error) {
-	var settings config.Settings
-
+func ParseAccessToken(cookie string, accessTokenSecret string) (*jwt.Token, error) {
 	return jwt.ParseWithClaims(cookie, &types.CustomClaims{}, func(token *jwt.Token) (interface{}, error) {
-		return []byte(settings.Auth.AccessToken), nil
+		return []byte(accessTokenSecret), nil
 	})
 }
 
 // ParseRefreshToken parses the refresh token
-func ParseRefreshToken(cookie string) (*jwt.Token, error) {
-	var settings config.Settings
-
+func ParseRefreshToken(cookie string, refreshTokenSecret string) (*jwt.Token, error) {
 	return jwt.ParseWithClaims(cookie, &jwt.StandardClaims{}, func(token *jwt.Token) (interface{}, error) {
-		return []byte(settings.Auth.RefreshToken), nil
+		return []byte(refreshTokenSecret), nil
 	})
 }
 
 // GetRoleFromToken gets the role from the custom claims
-func GetRoleFromToken(tokenString string) (*string, error) {
-	token, err := ParseAccessToken(tokenString)
+func GetRoleFromToken(tokenString string, accessTokenSecret string) (*string, error) {
+	token, err := ParseAccessToken(tokenString, accessTokenSecret)
 	if err != nil {
 		return nil, err
 	}
@@ -159,8 +155,8 @@ func GetRoleFromToken(tokenString string) (*string, error) {
 }
 
 // ExtractClaims extracts the claims from the token
-func ExtractAccessClaims(tokenString string) (*types.CustomClaims, *errors.Error) {
-	token, err := ParseAccessToken(tokenString)
+func ExtractAccessClaims(tokenString string, accessTokenSecret string) (*types.CustomClaims, *errors.Error) {
+	token, err := ParseAccessToken(tokenString, accessTokenSecret)
 	if err != nil {
 		return nil, &errors.FailedToParseAccessToken
 	}
@@ -174,8 +170,8 @@ func ExtractAccessClaims(tokenString string) (*types.CustomClaims, *errors.Error
 }
 
 // ExtractClaims extracts the claims from the token
-func ExtractRefreshClaims(tokenString string) (*jwt.StandardClaims, *errors.Error) {
-	token, err := ParseRefreshToken(tokenString)
+func ExtractRefreshClaims(tokenString string, refreshTokenSecret string) (*jwt.StandardClaims, *errors.Error) {
+	token, err := ParseRefreshToken(tokenString, refreshTokenSecret)
 	if err != nil {
 		return nil, &errors.FailedToParseRefreshToken
 	}

diff --git a/backend/src/controllers/auth.go b/backend/src/controllers/auth.go
@@ -36,7 +36,7 @@ func (a *AuthController) Me(c *fiber.Ctx) error {
 	// Extract token values from cookies
 	accessTokenValue := c.Cookies("access_token")
 
-	claims, err := auth.ExtractAccessClaims(accessTokenValue)
+	claims, err := auth.ExtractAccessClaims(accessTokenValue, a.AuthSettings.AccessToken)
 	if err != nil {
 		return err.FiberError(c)
 	}
@@ -102,7 +102,7 @@ func (a *AuthController) Refresh(c *fiber.Ctx) error {
 	refreshTokenValue := c.Cookies("refresh_token")
 
 	// Extract id from refresh token
-	claims, err := auth.ExtractRefreshClaims(refreshTokenValue)
+	claims, err := auth.ExtractRefreshClaims(refreshTokenValue, a.AuthSettings.RefreshToken)
 	if err != nil {
 		return err.FiberError(c)
 	}
@@ -112,7 +112,7 @@ func (a *AuthController) Refresh(c *fiber.Ctx) error {
 		return err.FiberError(c)
 	}
 
-	accessToken, err := auth.RefreshAccessToken(refreshTokenValue, string(*role), a.AuthSettings.AccessTokenExpiry, a.AuthSettings.AccessToken)
+	accessToken, err := auth.RefreshAccessToken(refreshTokenValue, string(*role), a.AuthSettings.RefreshToken, a.AuthSettings.AccessTokenExpiry, a.AuthSettings.AccessToken)
 	if err != nil {
 		return err.FiberError(c)
 	}

diff --git a/backend/src/middleware/auth.go b/backend/src/middleware/auth.go
@@ -23,7 +23,7 @@ func (m *MiddlewareService) Authenticate(c *fiber.Ctx) error {
 		return c.Next()
 	}
 
-	token, err := auth.ParseAccessToken(c.Cookies("access_token"))
+	token, err := auth.ParseAccessToken(c.Cookies("access_token"), m.AuthSettings.AccessToken)
 	if err != nil {
 		return errors.FailedToParseAccessToken.FiberError(c)
 	}
@@ -42,7 +42,7 @@ func (m *MiddlewareService) Authenticate(c *fiber.Ctx) error {
 
 func (m *MiddlewareService) Authorize(requiredPermissions ...types.Permission) func(c *fiber.Ctx) error {
 	return func(c *fiber.Ctx) error {
-		role, err := auth.GetRoleFromToken(c.Cookies("access_token"))
+		role, err := auth.GetRoleFromToken(c.Cookies("access_token"), m.AuthSettings.AccessToken)
 		if err != nil {
 			return errors.FailedToParseAccessToken.FiberError(c)
 		}

diff --git a/backend/src/middleware/club.go b/backend/src/middleware/club.go
@@ -17,7 +17,7 @@ func (m *MiddlewareService) ClubAuthorizeById(c *fiber.Ctx) error {
 		return errors.FailedToParseUUID.FiberError(c)
 	}
 
-	token, tokenErr := auth.ParseAccessToken(c.Cookies("access_token"))
+	token, tokenErr := auth.ParseAccessToken(c.Cookies("access_token"), m.AuthSettings.AccessToken)
 	if tokenErr != nil {
 		return errors.FailedToParseAccessToken.FiberError(c)
 	}

diff --git a/backend/src/middleware/middleware.go b/backend/src/middleware/middleware.go
@@ -1,6 +1,7 @@
 package middleware
 
 import (
+	"github.com/GenerateNU/sac/backend/src/config"
 	"github.com/GenerateNU/sac/backend/src/types"
 	"github.com/go-playground/validator/v10"
 	"github.com/gofiber/fiber/v2"
@@ -15,13 +16,15 @@ type MiddlewareInterface interface {
 }
 
 type MiddlewareService struct {
-	DB       *gorm.DB
-	Validate *validator.Validate
+	DB           *gorm.DB
+	Validate     *validator.Validate
+	AuthSettings config.AuthSettings
 }
 
-func NewMiddlewareService(db *gorm.DB, validate *validator.Validate) *MiddlewareService {
+func NewMiddlewareService(db *gorm.DB, validate *validator.Validate, authSettings config.AuthSettings) *MiddlewareService {
 	return &MiddlewareService{
-		DB:       db,
-		Validate: validate,
+		DB:           db,
+		Validate:     validate,
+		AuthSettings: authSettings,
 	}
 }
diff --git a/backend/src/middleware/user.go b/backend/src/middleware/user.go
@@ -14,7 +14,7 @@ func (m *MiddlewareService) UserAuthorizeById(c *fiber.Ctx) error {
 		return errors.FailedToParseUUID.FiberError(c)
 	}
 
-	token, tokenErr := auth.ParseAccessToken(c.Cookies("access_token"))
+	token, tokenErr := auth.ParseAccessToken(c.Cookies("access_token"), m.AuthSettings.AccessToken)
 	if tokenErr != nil {
 		return err
 	}

diff --git a/backend/src/server/server.go b/backend/src/server/server.go
@@ -29,7 +29,7 @@ func Init(db *gorm.DB, settings config.Settings) *fiber.App {
 	app := newFiberApp()
 
 	validate := utilities.RegisterCustomValidators()
-	middlewareService := middleware.NewMiddlewareService(db, validate)
+	middlewareService := middleware.NewMiddlewareService(db, validate, settings.Auth)
 
 	apiv1 := app.Group("/api/v1")
 	apiv1.Use(middlewareService.Authenticate)